3 matches found
CVE-2002-0493
CVE-2002-0493 affects Apache Tomcat where the web.xml parsing could proceed with errors and allow Tomcat to start with improper security settings, bypassing intended access restrictions. Affected component: Tomcat startup/security settings during web.xml read. Root cause described across sources ...
CVE-2002-0493
Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions...
Fixed in Apache Tomcat 4.0.0
Moderate: Security manager bypass CVE-2002-0493 If errors are encountered during the parsing of web.xml and Tomcat is configured to use a security manager it is possible for Tomcat to start without the security manager in place. Affects: Pre-release builds of 4.0.0...